CVE-2005-1038
published 2005-05-02
PriorityP45low2.1CVSS 2.0
AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS: 0.54% (41.2th percentile)
crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paul_vixie | vixie_cron | — | — |
| redhat | enterprise_linux | — | — |
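CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 2.1 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
| vendor_redhat | — | 2.1 | LOW | — |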
Red Hat
security flaw
vendor_redhat·2005-04-06·CVSS 2.1
CVE-2005-1038 [LOW] security flaw
crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
GHSA
GHSA-xmqm-497m-6h9h: crontab in Vixie cron 4
ghsa_unreviewed·2022-05-03·CVSS 2.1
CVE-2005-1038 [LOW] GHSA-xmqm-497m-6h9h: crontab in Vixie cron 4
crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-1038 security flaw
bugzilla·2018-08-16·CVSS 2.1
CVE-2005-1038 [LOW] CVE-2005-1038 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.
---
Statement:
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Bugzilla
CAN-2005-1038 vixie-cron information leak
bugzilla·2005-07-21·CVSS 2.1
CVE-2001-0235 [LOW] CAN-2005-1038 vixie-cron information leak
+++ This bug was initially created as a clone of Bug #162022 +++
+++ This bug was initially created as a clone of Bug #154920 +++
crontab in Vixie cron 4.1, when running with the -e option, allows local users
to read the cron files of other users by changing the file being edited to a
symlink. NOTE: there is insufficient information to know whether this is a
duplicate of CVE-2001-0235.
http://www.securityfocus.com/archive/1/395093
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solut
Bugzilla
CVE-2005-1038 vixie-cron information leak
bugzilla·2005-06-29·CVSS 2.1
CVE-2005-1038 [LOW] CVE-2005-1038 vixie-cron information leak
+++ This bug was initially created as a clone of Bug #154920 +++
crontab in Vixie cron 4.1, when running with the -e option, allows local users
to read the cron files of other users by changing the file being edited to a
symlink. NOTE: there is insufficient information to know whether this is a
duplicate of CVE-2001-0235.
http://www.securityfocus.com/archive/1/395093
Discussion:
Our current fix for this issue is not complete. A race condition still exists
between the time we lstat the file in question, and when we open the file.
---
This is now fixed with vixie-cron-4.1-8.EL3, available from:
http://people.redhat.com/~jvdias/cron/RHEL-3/4.1-8.EL3
The race condition has been circumvented: the fopen() is done as
the non-root user, which also f
Bugzilla
CAN-2005-1038 vixie-cron information leak
bugzilla·2005-04-20·CVSS 2.1
CVE-2001-0235 [LOW] CAN-2005-1038 vixie-cron information leak
+++ This bug was initially created as a clone of Bug #154922 +++
+++ This bug was initially created as a clone of Bug #154920 +++
crontab in Vixie cron 4.1, when running with the -e option, allows local users
to read the cron files of other users by changing the file being edited to a
symlink. NOTE: there is insufficient information to know whether this is a
duplicate of CVE-2001-0235.
http://www.securityfocus.com/archive/1/395093
Discussion:
Oops... only applies to 4.1 which is not included <= FC2
Bugzilla
CAN-2005-1038 vixie-cron information leak
bugzilla·2005-04-14·CVSS 2.1
CVE-2001-0235 [LOW] CAN-2005-1038 vixie-cron information leak
crontab in Vixie cron 4.1, when running with the -e option, allows local users
to read the cron files of other users by changing the file being edited to a
symlink. NOTE: there is insufficient information to know whether this is a
duplicate of CVE-2001-0235.
http://www.securityfocus.com/archive/1/395093
Discussion:
This issue should also affect RHEL2.1 and RHEL3
---
Actually, in RHEL-3, vixie-cron-3.0.1-76 would not have this problem,
because it used fstat(fd,&st) on the same original file descriptor
for the file that was unlinked by the attack; since the modification
time had not changed, it would print
'crontab: no changes made to crontab'
and would not install the link as the new crontab.
Because this version crontab did not re-open the f
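
Added example (not from the bug reports or from vixie-cron): the reports above describe a gap between lstat() on a path and the later open, and note that the older crontab was unaffected because it used fstat() on the descriptor it already held. This C code makes every check on the opened descriptor with O_NOFOLLOW, which is a different technique from the fix named in the report (doing the fopen() as the non-root user). The function names, the owner check and the scratch paths under /tmp are assumptions for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open path read-only, refusing symlinks, non-regular files and files not
 * owned by `owner`. Every check is made on the descriptor, so nothing can be
 * swapped between the check and the open. Returns an fd, or -1. */
int open_regular_nofollow(const char *path, uid_t owner)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;               /* ELOOP on Linux if path is a symlink */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != owner) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario: the file being edited is unlinked and replaced by a
 * symlink after the first open. Returns 0 if the re-open by name is refused
 * and the original descriptor still refers to the original inode. */
int demo_swap_is_refused(void)
{
    char dir[] = "/tmp/nofollow-demo-XXXXXX", edit[64], other[64];
    struct stat before, after;
    int fd, fd2, rc = -1;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(edit, sizeof edit, "%s/edit", dir);
    snprintf(other, sizeof other, "%s/other", dir);
    close(open(edit, O_CREAT | O_WRONLY, 0600));
    close(open(other, O_CREAT | O_WRONLY, 0600));  /* stands in for another file */

    fd = open_regular_nofollow(edit, getuid());
    if (fd >= 0 && fstat(fd, &before) == 0
        && unlink(edit) == 0 && symlink(other, edit) == 0) {
        fd2 = open_regular_nofollow(edit, getuid());
        if (fd2 >= 0) close(fd2);
        rc = !(fd2 < 0 && fstat(fd, &after) == 0 && before.st_ino == after.st_ino);
    }
    if (fd >= 0) close(fd);
    unlink(edit); unlink(other); rmdir(dir);
    return rc;
}
```

In a setuid program the `owner` argument would be the invoking user's real uid, so a path that resolves to a file owned by someone else is rejected even when the process could read it.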
Bugzilla
CAN-2005-1038 vixie-cron information leak
bugzilla·2005-04-14·CVSS 2.1
CVE-2001-0235 [LOW] CAN-2005-1038 vixie-cron information leak
+++ This bug was initially created as a clone of Bug #154920 +++
crontab in Vixie cron 4.1, when running with the -e option, allows local users
to read the cron files of other users by changing the file being edited to a
symlink. NOTE: there is insufficient information to know whether this is a
duplicate of CVE-2001-0235.
http://www.securityfocus.com/archive/1/395093
Discussion:
This is fixed with vixie-cron-4.1-33_FC3, FC-3 update #320.
---
No errata covers the FC-3 update #320 - this problem is fixed with
vixie-cron-4.1-33_FC3
and in
FC4's vixie-cron-4.1-33
References
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
http://secunia.com/advisories/19532
http://secunia.com/advisories/20666
http://secunia.com/advisories/24995
http://support.avaya.com/elmodocs2/security/ASA-2006-118.htm
http://www.novell.com/linux/security/advisories/2007_007_suse.html
http://www.redhat.com/support/errata/RHSA-2005-361.html
http://www.redhat.com/support/errata/RHSA-2006-0117.html
http://www.securityfocus.com/archive/1/395093
http://www.securityfocus.com/bid/13024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11104